K2 for SharePoint Environment Setup

Similar documents
Microsoft Office SharePoint Server 2007: Small Farm Step by Step Deployment Guide

ControlPoint. Installation Guide for SharePoint August 23,

ControlPoint. Advanced Installation Guide. September 07,

Citrix Web Interface for Microsoft SharePoint Administrator s Guide. Citrix Access Suite 4.2

EMC SourceOne for Microsoft SharePoint Version 6.7

K2 Installation and Configuration - checklist and guide

Workspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902

User Manual. ARK for SharePoint-2007

K2 blackpoint Release Notes

Deployment guide for Duet Enterprise for Microsoft SharePoint and SAP Server 2.0

ControlPoint. Native Installation Guide. February 05,

VMware AirWatch Database Migration Guide A sample procedure for migrating your AirWatch database

StoragePoint Advanced Installation Guide

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Sharepoint 2007

Version 6.1 Release Notes and Installation Guide

Metalogix ControlPoint 7.6. Advanced Iinstallation Guide

SharePoint Farm Reporter Installation Guide

Installing SharePoint Server 2007

Pyramid 2018 Kerberos Guide Guidelines and best practices for how deploy Pyramid 2018 with Kerberos

Important notice regarding accounts used for installation and configuration

Microsoft Dynamics GP Web Client Installation and Administration Guide For Service Pack 1

Microsoft SQL Server Reporting Services (SSRS)

VMware AirWatch Certificate Authentication for EAS with ADCS

Coveo Platform 7.0. Microsoft SharePoint Legacy Connector Guide

Monitoring SharePoint 2007/ 2010/ 2013 Server using EventTracker

MacroView ClauseBank Version 8.2

Configure SharePoint Server 2010 as a single server with the Unitrends appliance. farm with the Unitrends appliance

Installation and Upgrade Guide

EMC SourceOne Discovery Manager Version 6.5

Coveo Platform 6.5. Microsoft SharePoint Connector Guide

Quick Start Installation Guide

Installation Guide Worksoft Certify Execution Suite

Authlogics Forefront TMG and UAG Agent Integration Guide

Using the Orchestration Console in System Center 2012 R2 Orchestrator

1.0. Quest Enterprise Reporter Discovery Manager USER GUIDE

Microsoft Dynamics AX 2012 Installation Guide

Installation & Upgrade Guide

Privileged Identity App Launcher and Session Recording

EMC ApplicationXtender SPI (for SharePoint Integration)

Deploying a System Center 2012 R2 Configuration Manager Hierarchy

Connect Install Guide

SharePoint 2016 Administrator's Survival Camp

Service Manager. Installation and Deployment Guide

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

SharePoint 2003 to SharePoint Server 2007 RTM In Place Upgrade Demo

EMC Documentum Content Services for SharePoint

Metalogix ControlPoint 7.6. for Office 365 Installation Guide

Enterprise Product Integration. Configuration and Troubleshooting Guide

VMware Horizon Cloud Service on Microsoft Azure Administration Guide

Installing Dell EMC OpenManage Essentials

MB Exam Code: MB Exam Name: Microsoft Dynamics CRM 2016 Customer Service

TIBCO NimbusTM SharePoint Customization Guide. Software Release March 2015

CA Clarity Project & Portfolio Manager

ControlPoint. Quick Start Guide. November 09,

Monitoring Server Deployment Guide for PerformancePoint Server 2007

with Access Manager 51.1 What is Supported in This Release?

PDF SHARE FORMS. Online, Offline, OnDemand. PDF forms and SharePoint are better together. PDF Share Forms Enterprise 3.0.

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

WhatsUp Gold 2016 Installation and Configuration Guide

Kerberos Constrained Delegation Authentication for SEG V2. VMware Workspace ONE UEM 1810

Replicator. Installing and Configuring Replicator With Least Privilege P. March 09,

Personal vdisk Implementation Guide. Worldwide Technical Readiness

Technical Notes. EMC NetWorker SharePoint BLOB Backup and Recovery by using NetWorker Module for Microsoft and Metalogix StoragePoint TECHNICAL NOTES

Microsoft Windows Server 2003 or Microsoft Windows Server 2008 Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007

AvePoint RevIM Installation and Configuration Guide. Issued May AvePoint RevIM Installation and Configuration Guide

Installation & Upgrade Guide

AvePoint Governance Automation 2. Release Notes

Status Web Evaluator s Guide Software Pursuits, Inc.

10972: ADMINISTERING THE WEB SERVER (IIS) ROLE OF WINDOWS SERVER

Centrify Infrastructure Services

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA

Self-Service Password Reset

EMC SourceOne for Microsoft SharePoint Version 7.1

Installation Guide Worksoft Analyze

EMC SourceOne for Microsoft SharePoint Version 6.7

Workspace Administrator Help File

Pre-Installation Guide. AgilePoint BPMS v5.0 SP2

Security Explorer 9.1. User Guide

EMC SourceOne Discovery Manager Version 6.7

CENTRAL. Version Deployment Guide

Kerberos Constrained Delegation Authentication for SEG V2. VMware Workspace ONE UEM 1811

VMware Horizon Cloud Service on Microsoft Azure Administration Guide

Installation Guide Worksoft Certify

App Orchestration 2.0

VMware vfabric Data Director Installation Guide

SOA Software Intermediary for Microsoft : Install Guide

DefendX Software Control-Audit for Hitachi Installation Guide

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

ControlPoint. Managing ControlPoint Users, Permissions, and Menus. February 05,

Evaluation Guide Host Access Management and Security Server 12.4 SP1 ( )

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

Version Installation Guide. 1 Bocada Installation Guide

Adlib PDF SharePoint Workflow Connector Guide PRODUCT VERSION: 2.1

Intel Unite. Enterprise Test Environment Setup Guide

One Identity Manager Administration Guide for Connecting to SharePoint Online

VMware vfabric Data Director Installation Guide

Security Center Installation and Upgrade Guide 5.5 SR3. Click here for the most recent version of this document.

Tableau Server on Microsoft Azure:

Transcription:

K2 for SharePoint Environment Setup GUIDANCE ON SETTING UP A SHAREPOINT ENVIRONMENT BEFORE INSTALLING K2 INTEGRATION May 4 Guidance in this document can be used for customers to correctly set up their K2 for SharePoint environments. Actual environments can differ greatly due to network configurations, types of business solutions developed and technologies with which K2 is integrated.

CORPORATE HEADQUARTERS 2615 151st Place NE Redmond Washington 98052 USA PH +1 (425) 883 4200 FAX +1 (425) 671 0411 EMEA HEADQUARTERS APAC HEADQUARTERS 26 Worple Road 9 Shenton Way #06-02 Wimbledon Singapore London 068813 UK PH +1 65 6327 4110 PH +1 44 (0) 845 612 0912 FAX +1 65 6327 4120 FAX +1 44 (0) 845 612 0911 [ WWW.K2.COM ] The information provided relates to pre-release software products, may include features only available after installation of additional add-ins, and may be substantially modified before the commercial release. This information is provided for informational purposes only, and SourceCode Technology Holdings, Inc. makes no warranties, expressed or implied, with respect to this document or the information contained within it. Copyright 2010. SourceCode Technology Holdings Inc. All rights reserved. Patents pending. SourceCode and K2 are registered trademarks or trademarks of SourceCode Technology Holdings, Inc. in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. PAGE 2

CONTENTS CONTENTS...3 INTRODUCTION...4 K2 FOR SHAREPOINT COMPONENTS...4 AUDIENCE...4 SETUP K2 SERVICE ACCOUNTS...4 K2 FOR SHAREPOINT REQUIRED PERMISSIONS...5 REQUIRED PERMISSIONS CONSIDERATIONS... 10 SHAREPOINT FARM SETUP AND CONFIGURATION... 10 DEPLOYMENT OF A SHAREPOINT WORKFLOW INTEGRATED PROCESS... 15 POSSIBLE ISSUES THAT MAY ARISE WHEN DEPLOYING A SHAREPOINT WORKFLOW INTEGRATED PROCESS ON A SHAREPOINT FARM ENVIRONMENT... 16 TROUBLESHOOTING THE EFFECTS OF A DEPLOYMENT WHICH FAILED... 18 ADDITIONAL RESOURCES... 19 PAGE 3

INTRODUCTION K2 provides the platform for delivering process-driven applications that improve business efficiency through the use of visual design tools and scalable server components. K2 provides several optional components that can be used with a SharePoint environment. The guidelines in this document allows K2 administrators to check and modify their SharePoint environments for successful installation of these K2 for SharePoint components. Actual environments can differ due to network configurations, types of business solutions developed, and technologies with which K2 is integrated. K2 FOR SHAREPOINT COMPONENTS The following list comprises the K2 for SharePoint components: K2 for Central Administration: All of the components necessary for K2 to integrate with the SharePoint Central Administration site, including features and solutions that can be activated to SharePoint farms managed by the site. This includes a management feature for managing the K2 server from SharePoint. For K2 blackpearl this also includes the Business Data Catalog integration feature. K2 Designer for SharePoint: The K2 designer that runs within the context of SharePoint, allowing process designers a graphical interface to design and deploy K2 processes that integrate with SharePoint lists and libraries. K2 Site Settings: A site collection link and a series of pages that allows site collection administrators to configure K2 settings for site collections where this feature has been activated. K2 Process Portal: A site template that includes a number of SharePoint Web Parts for interacting with the K2 server, including the K2 worklist, process instance management, reports, and K2 server management. AUDIENCE This paper is intended for system administrators and operations personnel responsible for the installation and setup of the K2 platform at their company. SETUP K2 SERVICE ACCOUNTS The K2 Service Accounts related to SharePoint are listed below: Account K2 Service Account K2 Administration Account SharePoint Service Account Purpose This account is used for the identity in which the K2 Server operates. This account will need permissions on the K2 Server and SharePoint Server. This account is used for basic administration of the K2 Server, such as setting security for the environment and managing services. This account may be the same as the K2 Service Account, but it is recommended that the accounts are different. This account is used by SQL Server Reporting Services to run the application pool for the web services and reports home page. Note: This account probably already exists in your environment. For further details on these accounts, see the Set Up Service Accounts section in the K2 documentation. PAGE 4

K2 FOR SHAREPOINT REQUIRED PERMISSIONS When installing and working with the K2 for SharePoint components, you must provide credentials for several different accounts. The following tables describe the accounts that are used to install, configure, deploy and run the K2 for SharePoint components. K2 for SharePoint - Core K2 for SharePoint components have a set of core features and security requirements that are required regardless of which features are activated in the target SharePoint farm.the following table details these permissions by user, service account, and the SharePoint location where the integration is necessary. Account Purpose Requirements Setup User The Setup user account is used to perform the following tasks: Domain user account (Note: This should not be the SharePoint System Administrator Account) Install the K2 for SharePoint files on SharePoint Web Front-Ends Deploy K2 Solutions to SharePoint Farm Configuring global K2 settings in Central Admin Installing and deploying the K2 solutions on the farm Member of the SharePoint Farm Administrators group Member of the local Administrators group Database permissions - dbo_owner permission on the following SharePoint databases: SharePoint Configuration database[sharepoint_config] SharePoint Admin content database K2 Central Administration The K2 Central Admin account is used to perform the following tasks: Use links on the K2 for SharePoint admin page (does not include K2 Designer for SharePoint links) Full Control permission on the Central Admin Site Collection is required to open the K2 for SharePoint page. Admin rights on K2 server Retrieving Host Server configuration settings Setting Export rights for Deployment Application Pool account for K2 Designer for SharePoint K2 Site Settings The K2 Site Settings account is used to perform the following tasks: Full Control permission on the Site Collection with the K2 Site Settings link Use links on the K2 Site Settings page K2 Service Account The K2 Service account is used to perform the following tasks: Create/Modify/Delete Web Applicationss Create/Modify/Delete Lists and Libraries Create/Modify/Delete List Items and Documents Create/Modify/Delete Full Control permission on all Site Collections that are part of any K2 process that will Create/Modify/Delete a Web application or Create/Modify/Delete user permissions Designer permission on all Site Collections/Webs that are part of any K2 process that will Create/Modify/Delete a List or Library Contributor permission on all Site Collections/Web Applications that are part of any K2 process that will Create/Modify/Delete a List Item or Document PAGE 5

The K2 runtime assumes the appropriate permissions are granted to the K2 Service account based on the K2 process needs. If permissions are not sufficient at runtime the process will enter an error state and the process will be halted. The process error state can be recovered via a retry operation after the permissions have been corrected. K2 for SharePoint User Permissions The following table details the permissions required by service account and users of the installable K2 designers. Account Purpose Requirements K2 Runtime Services Application Pool The K2 Runtime Services Application Pool account is used to perform the following tasks: Interact with K2 processes at runtime via Web services Impersonate rights on K2 server K2 Thickclient Designers (K2 Studio, K2 for Visual Studio, K2 for Visio SharePoint Workflow Integration processes) The account of the person using the thick-client designer is used to perform the following tasks: Deploy SharePoint Workflow Integration designed processes The thick-client designer account requires the following security configuration. Export rights on K2 server Additionally, the thick client designer account and the SharePoint Application Pool account of the target SharePoint URL (Site Collection) requires the following security configuration. SharePoint Farm Administrators group membership Full Control permission on the Site Collection Modify rights on the Features folder on the SharePoint web front ends K2 Designer for SharePoint The K2 Designer for SharePoint requires additional rights for installation, configuration, and execution. Account Purpose Requirements Setup User The Setup user account is used to perform the following tasks: All K2 for SharePoint Core (see above) permissions, plus the following: Activate features and K2 site settings Full Control permission on the default or selected Site Collection is required to open the page. Activating All K2 Features Creating and configuring hidden K2 lists PAGE 6

Examples: members of Site Collection Administrators and Portal Owners have the Full Control permission mask SQL Server server role securityadmin (Server > Security > Logins or Server > Security > Server Roles) securityadmin dbcreator or db_owner for the K2WebDesigner database Rights to set security on the All Users temp folder (%SYSTEMROOT%\System32\config\systemprofil e\appdata\local\temp) K2 Central Administratio n The K2 Central Admin account is used to perform the following tasks: Navigate to K2 Designer links on the K2 for SharePoint admin page Full Control permissions on the Central Admin Site Collection is required to open the page. Admin rights on K2 server Retrieving Host Server configuration settings SQL Server server role on K2Server securityadmin dbcreator or db_owner for the K2WebDesigner database Rights to set security on the All Users temp folder (%SYSTEMROOT%\System32\config\systemprofil e\appdata\local\temp) Deployment Application Pool account The Deployment Application Pool account (allows all users to deploy under one account rather than the individual accounts) is used to perform the following tasks: The following security configurations are done automatically when the Deployment Application Pool account is configured: Deploy K2 Designer for SharePoint designed processes SharePoint Farm Administrators group membership Full Control permission on the Site Collection Export rights on K2 server SQL Server database role -- db-owner (Server > Databases > {database name} > Security > Logins): K2 Designer for SharePoint database Add deployment application pool to SharePoint Application Pool collection which sets SQL Server PAGE 7

database role -- db_owner for the following (Server > Databases > {database name} > Security > Logins): SharePoint Central Admin content database SharePoint Shared Services content database SharePoint Site Collection content database SharePoint Configuration database Modify rights created on the All Users temp folder (%SYSTEMROOT%\System32\config\systemprofil e\appdata\local\temp) Process Designer Users in the Process Designer groups can perform the following tasks: All groups with at least Design permissions (Design and Full Control) are included by default. Access the Create K2 Process menu to design and deploy a process with K2 Designer for SharePoint Full Control permissions are required on the Site Collection to change the groups configured for Process Designer. This link is available on the K2 Site Settings page. The user deploying the process will be given Export rights on the K2 server at deployment. The user deploying the process will be given Admin and Start rights on the process. Process Participant Users in the Process Participant groups can perform the following tasks: Participate in deployed K2 processes All groups with at least Contribute permissions (Contribute, Design and Full Control) are included by default. Full Control permissions are required on the Site Collection to change the groups configured for Process Participant. This link is available on the K2 Site Settings page. Process Participant groups will be given Start and View Participate rights on process. K2 for SharePoint Process Portals The following is a summary of the SharePoint and K2 permissions necessary to perform various K2 Process Portal actions. Action SharePoint Rights K2 Rights Processes Web Part Reader Server Admin, Process Admin Instances Summary Web Part Reader Server Admin, Process Admin, Process View Process Instances - View Detail Reader Server Admin, Process Admin, Process View Process Instances - Perform Action Reader Server Admin, Process Admin PAGE 8

Start Process Instance Reader Process Admin, Process Start View Reports Reader Process Admin, Process View, Process View Participate Process Management - View Detail Reader Server Admin, Process Admin Process Management - Perform Action Reader Server Admin, Process Admin Process Management - View Detail - Roles Reader Server Admin, Process Admin for all processes in Project Process Management - Perform Action - Roles Reader Server Admin, Process Admin for all processes in Project Add Process to Portal Contributor Server Admin, Process Admin Administration Links (Central/Site) Reader Server Admin PAGE 9

REQUIRED PERMISSIONS CONSIDERATIONS If your organization cannot adhere to the abovementioned permission requirements with regards to farm and site collection administration rights, the following approach can be used: 1. For development environments, grant the permissions as described in the sections above. This allows the greatest flexibility for K2 process design and deployment in development environments 2. For production environments, use deployment packages created by developers and then given to farm and site collection administrators for deployment in that environment. Users in the production environment would not require the permissions as described in the sections above. Note that this approach does not preclude users from using the K2 Designer for SharePoint, as the processes deployed from that environment use the K2 Deployment Account identity, which still requires site collection full control or site collection administration permissions in addition to farm administration to add the specific process to the farm, which is deployed as a SharePoint feature. SHAREPOINT FARM SETUP AND CONFIGURATION An example of a K2 Load Balanced SharePoint environment has been put together to discuss and explain the setup and configuration from a K2 perspective. Certain assumptions are made with regards to pre-requisites and troubleshooting tips are included for ease of reference. Environment Description The K2 Load Balanced SharePoint environment consists of the following: K2 Server Workspace Server SQL Server SharePoint (Load Balanced) Environment Diagram The following diagram reflects the environment as described above. PAGE 10

Assumptions The following assumptions are made with regard to pre-requisites: It is assumed that a Load Balanced environment has been set up and all requirements have been configured in terms of: Kerberos SharePoint Permissions K2 Permissions (see the K2 for SharePoint Permissions section) It is assumed that SPN s have been set according to the requirements as outlined in the K2 product documentation. The following topics can be used as guidance to setting up SPN s: K2 blackpearl Installation Guide > Before you begin > Windows Server 2008 Configuration Requirements > Windows Server 2008 > Set SPN K2 blackpearl Installation Guide > Installing K2 blackpearl > Installing a standalone system > Installing the Components > K2 blackpearl Server Configuration K2 blackpearl Installation Guide > K2 Configuration Analysis Tool > Summary of tool checks K2 blackpearl Installation Guide > Installing K2 blackpearl > Installing a distributed environment > Install and configure the K2 Host Server > Install K2 blackpearl on the K2 Server K2 blackpearl Installation Guide > Before you begin > Windows Server 2003 Configuration Requirements > Set up SPNs > Set SPNs for the Reporting Services Service Account PAGE 11

K2 blackpearl Installation Guide > Before you begin > Windows Server 2003 Configuration Requirements > Set up SPNs > Set SPNs for the SharePoint Service Account K2 blackpearl Installation Guide > Before you begin > Windows Server 2003 Configuration Requirements > Set up SPNs > Set SPNs for the K2 Workspace Service Account K2 blackpearl Installation Guide > Installing K2 blackpearl > Installing a standalone system > Installing the Components > Service Accounts Configuration K2 blackpearl Installation Guide > Installing K2 blackpearl > Installing a standalone system > Installing the Components > K2 Server Configuration K2 blackpearl Installation Guide > Troubleshooting the Installation > SharePoint - Authentication is required for session error K2 blackpearl Installation Guide > Installing K2 blackpearl > Installing additional nodes > Adding another K2 Server to the farm K2 blackpearl Installation Guide > Before you begin > Windows Server 2003 Configuration Requirements > Set up SPNs > Set SPNs for the K2 Service Account K2 blackpearl Installation Guide > Before you begin > Windows Server 2003 Configuration Requirements > Set up SPNs > Set SPNs for the SQL Server Service Account K2 blackpearl Installation Guide > Before you begin > Windows Server 2008 Configuration Requirements > User Authentication and Security > Kerberos for Windows Server 2008 > Setting up SSRS with a Domain user as an application pool account K2 blackpearl Installation Guide > Before you begin > Windows Server 2008 Configuration Requirements > User Authentication and Security > Kerberos for Windows Server 2008 > Setup Kerberos delegation for IIS 7.0 K2 blackpearl Installation Guide > Installing K2 blackpearl > Installing a standalone system > Installing the Components > Workspace Application Pool Configuration Order in which to perform a K2 Installation The order in which to perform a K2 Installation on a distributed environment is of utmost importance. The following stipulates the order in which a K2 installation should be applied on a distributed environment: 1. Install K2 Server and K2 Workspace 2. Install the K2 for SharePoint component and its child, K2 Designer for SharePoint (optional), on SharePoint 3.0 Central Administration Server. Note: Central Administration has to be fully installed and configured before installating K2 on the Web Front Ends (WFEs). Do not open the K2 installation wizard on the WFEs before the installation on Central Administration is complete, as the configuration writes entries to the databases which are required by the K2 installer when installing on the WFEs. 4. Install K2 for SharePoint and its child, K2 Designer for SharePoint (optional), on each WFE. Note: Installation on the different Web Front Ends can happen simultaneously but only after installation on Central Administration has been completed. 5. After installing on the WFEs, a post installation step is required when running on a Load Balanced environment (as per the example). Note: During installation the solutions are automatically set on Central Administration PAGE 12

5.1. Manually set features on each Load Balanced Web Application (for example HH1.denallix.com) by clicking the Activate All K2 Features and K2 Configuration Settings on the K2 for SharePoint tab in Central Administration. This only has to be done once in Central Administration regardless of how many WFE s there are. Note: This action will deploy the solutions on both WFEs in our example as it is done at the Web Application level If it is a single SharePoint Server installation, then the post installation step is not required as the SharePoint panel ensures that all solutions are deployed. 6. Install Client machines with client tools (for example K2 Studio) Important Considerations If installation is complete and work has begun on the environment and you want to: Add another Site Collection What action do you have to take? None. No features have to be activated as K2 automatically added and activated the features on the Web Application. Add another Web Application - What action do you have to take? Manually deploy the solutions to the newly created Web Application Manually push the features to the newly created Web Application The following topics in the K2 product documentation cover the manual deployment and activation of the features: K2 Process Portals > Process Portal - Web Parts K2 Designer for SharePoint Administration Settings > K2 Designer for SharePoint Administration Settings K2 Designer for SharePoint > Getting Started with the K2 Designer for SharePoint > K2 Designer for SharePoint Administration Settings Activate All K2 Features and K2 Configuration Settings In a SharePoint environment where multiple servers exist for example: Indexing = Server 1 Central Admin and WFE = Server 2, the SharePoint panel in the installer will not display, and post installation must be followed (as this is not really a distributed Web Front End but the K2 installer views it as such) Tips when using Load Balancing Technologies The following should be considered: Make sure the K2 farm name is stored as a Host or A type record in the DNS and that the IP address points to the Load Balanced IP Register SPNs for the K2 farm name and each K2 server node in that farm with the K2 service account. Make sure you have multiple NIC s (Network Interface Card) per Farm node (when running your farm in unicast mode). This will be necessary as the servers heart beat each other and Load Balancing normally hogs a NIC per machine, which means that no other traffic can flow through it. If you don t have multiple NICs, you might be able to get away with using Multicast, but be aware that there might be some additional registration steps to follow on your switches. After installation and configuration, make sure to test each node individually by stopping one of the Load Balanced nodes using the Load Balancing Manager (shutdown a node to force convergence). That way you can ensure that all your nodes can communicate properly. PAGE 13

Troubleshooting the effects of an installation After completing the installation on a SharePoint Farm and the post installation step of Activate All K2 Features and K2 Configuration Settings has been done, it is possible that the virtual directories of the K2 Designer for SharePoint didn t create on every WFE. If this happens, perform the following steps: Go to Central Administration>Operations Select Timer Job Definitions from the Global Configuration section A K2 for SharePoint job will be listed which has not yet been executed Go to Administrative Tools>Services Restart the Windows SharePoint Services Timer. This will enable the K2 for SharePoint job to execute Kerberos Troubleshooting When connecting to Central Administration from a client machine to for instance Activate All K2 Features and K2 Configuration Settings you may see an Authentication is required for session xxx error caused by the double authentication hop. This means that the Kerberos configuration was not done correctly. To fix this, check the following: For IIS 7 or IIS 7.5 Only: Add the attribute "useapppoolcredentials" in the ApplicationHost.config file. (For more info, click here and go to the Special case of running IIS 7.0 in a WEB FARM section) Add HTTP SPN for Central Admin application pool account for NetBIOS and FQDN In Active directory: Configure the Admin Server computer account to Trust this computer for delegation to any service (Kerberos only) ; Configure the Central Admin application pool account to Trust this computer for delegation to any service (Kerberos only) Ensure that the K2 Server service SPN is correctly setup. (This should have been done by the K2 installation if the option was selected.) Note: Ensure that the Administration and Timer services are running on ALL SharePoint Servers (AppServer and WFE s) The Timer service account should be set up as the same account as which the Central Administration Application Pool is running The Administration service account should be set as Local System See the following diagram as a quick reference: PAGE 14

DEPLOYMENT OF A SHAREPOINT WORKFLOW INTEGRATED PROCESS The following is an explanation of the deployment of a SharePoint Workflow Integration (SPWI) process in a distributed SharePoint Farm environment: 1. Process deployment is initiated from one of the K2 Designers 2. Adding the workflow feature: a. Connects to the K2SPFeatures.asmx web service using the specified SharePoint Site URL to add or update the feature b. Connects to the K2SPFeatures.asmx web service using the Central Admin Site URL to create or update the feature on the farm. (It is a requirement to run in the context of the central admin application pool when executing anything against the SP Farm) c. After the feature has been created/updated on the farm, the web service call connects to each Web Front End server to update the feature files required. d. The call is returned to the deployment task to execute the next step 3. Associating the workflow feature with the list/content type: a. Connects to the K2SPWorkflowAssociations.asmx web service using the specified SharePoint Site URL to associate the workflow with the list/content type. (Content database update which reflects on all Web Front Ends in the farm) b. The call is returned to the deployment task to execute the next step 4. Creating the integration item in the K2 Integration List (hidden) a. Connects to the K2SPWorkflowAssociations.asmx web service using the specified SharePoint Site URL to create the list item b. The call is returned to the deployment task to execute next step 5. The deployment task completes as no more tasks exist to execute. PAGE 15

Note: In this distributed SharePoint Farm environment, the user deploying the process is required to be a Site Collection Administrator as well as a Farm Administrator to create, add, or update features on the farm as well as the sites. See User Permissions under the Required Permissions section of this document. The IP address for each Web Front End needs to be added in the IIS bindings in order for the feature files to be correctly created when a deployment is done. The following diagram illustrates the deployment: POSSIBLE ISSUES THAT MAY ARISE WHEN DEPLOYING A SHAREPOINT WORKFLOW INTEGRATED PROCESS ON A SHAREPOINT FARM ENVIRONMENT When deploying a SPWI process in a distributed SharePoint Farm environment, the following issue may occur: Issue: The required workflow feature folder is not created on all the Web Front End servers. Applies to: MOSS 2007 & WSS 3.0 running on Windows Server 2008 R2 in a distributed environment Example: Application Server with Central Administration PAGE 16

Web Front End Server A Web Front End Server B Web Front End servers setup in a Load Balanced environment using host header www.denallix.com K2 process is deployed using the host header www.denallix.com which forwards the request to Web Front End A. The workflow feature folder and files are created on Web Front End A as well as the Central Administration Server, but not on the Web Front End B server. Reason: The workflow feature files need to be created on each web front end server as well as the Central Administration Server in order for the feature to function correctly. Since the connection is made to the SharePoint Site using the host header, www.denallix.com to connect to the K2 SharePoint Web Service, the connection is only made to one of the multiple (two in this instance) Web Front End servers. Therefore the mechanism to create the files on the other Web Front End servers is to use the IP address retrieved from each server in the SharePoint Farm, and used to connect to the specific Web Front End server. Since no binding for the IP address exist in IIS (7.0/7.5) the connection fails with a 404 page cannot be found as the site does not exist on the IP according to IIS. Resolution: (The steps followed are specific to IIS 7.0/7.5, but the same principle can be applied for IIS6). Perform the following on each web front end server: 1. Open IIS Manager 2. Select the relevant SharePoint web application 3. In the actions panel, to the right of IIS Manager, click the Bindings link in the Actions > Edit Site task pane. 4. In the Site Bindings dialog, click on the Add button. 5. In the IP address drop down box, select the IP address bound to the Machine IP. 6. In the Port textbox, type in an unused port number. This port number will be used in the Alternate Access Mappings. 7. Click OK. 8. Click Close 9. Perform an IISReset 10. Open IE and make sure you are able to hit the SharePoint site on http://[machine IPAddress]:[Selected Port]/_vti_bin/k2spfeatures.asmx Set up Alternate Access Mapping: 1. Open SharePoint 3.0 Central Administration 2. Select the Operations tab 3. Select Alternate Access Mappings from the Global Configuration section 4. Select the Internal URL to which workflow integration is deployed. 5. Select the zone and click OK on the Edit Internal URL screen 6. Click Add Internal URL on Alternate Access Mappings screen 7. Add the NLB host header together with the above selected port in the form: http://[hostheader]:[selectedport] as an alternate address on which the site can be reached. 8. Click Save 9. Open IE and make sure you are able to hit the SharePoint site on http://[hostheader]:[selectedport] 10. Now redeploy the SharePoint Workflow Integration process. PAGE 17

TROUBLESHOOTING THE EFFECTS OF A DEPLOYMENT WHICH FAILED After the above has been completed, the process may now throw an error on deployment that the feature.xml could not be found. This occurs as the Load Balanced environment is now connected to a Web Front End that could not be updated by the K2 SharePoint Web Services and does not contain the required feature files. There are two possible solutions to remedy this: Copy the feature files from C:\Program Files\Common Files\microsoft shared\web Server Extensions\12\TEMPLATE\FEATURES\UserName+ProcessName manually from the Central Administration server to the necessary Web Front End servers as those files would have been created. Change the SPWI process wizard s SharePoint Site URL to point to the physical IP address of the Web Front End server where the files were not created. Note: This has to be performed for each Web Front End server for which the files were not created. PAGE 18

ADDITIONAL RESOURCES The following additional resources can be found on the K2 Knowledge Center site at http://help.k2.com/en/index.aspx. You will need a portal account in order to view the KB articles. KB000523 - K2 Deployment in a NLB environment with Out of the Box, Custom or Generated Forms KB001029 The Solution stays in a deployed state when using more than one SharePoint Server Farm PAGE 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback